← voltar
CVE-2012-4197

CVE-2012-4197

EPSS 1.5%
Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.mozilla.org/show_bug.cgi?id=802204https://exchange.xforce.ibmcloud.com/vulnerabilities/80032http://www.bugzilla.org/security/3.6.11/http://www.mandriva.com/security/advisories?name=MDVSA-2013:066